finance

Unlocking loyalty in a compliant manner



On 30 January, the Competition Market Authority announced the launch of a review of a popular strategy deployed particularly by supermarkets, with the rise in retailers offering cheaper prices to loyalty members only.

There’s also been media scrutiny about retailers offering member-only sales and discounts to consumers who have provided their data for the retailer to understand spending habits.

A recent GlobalData survey highlighted that almost 40% of consumers surveyed would prefer not to use loyalty schemes, as they’re not comfortable sharing their data with retailers and are questioning the legitimacy of these offerings from a data protection perspective.

What are the key steps retailers can take to maximise the benefit of membership schemes whilst protecting personal data?

Identify and document the correct lawful basis for processing

Are you using profiling as part of your business strategy?

You may be able to use legitimate interests as your lawful basis for profiling, however, to ensure you’re appropriately balancing your business interests with the interests of your consumers, conducting a legitimate interest assessment is crucial.

Remember to always give consumers the opportunity to opt-out of profiling.

Most forms of direct electronic marketing require carefully curated consent wording. Strict requirements apply for obtaining valid consent and there’s a high bar to be met. For example, avoid directly tying membership access to the marketing consent.

Importantly, you should clearly describe what you’re asking a consumer to consent to; without pre-ticking any boxes.

If relying on personal data gathered through cookies or similar technologies, you should confirm whether your consent is valid and be aware of the recent European Data Protection Board guidance threatening to change how pixels are treated in the EU.

Readers Also Like:  Why ditching hydrogen heating for homes makes sense 

When reviewing your website, confirm and highlight that there’s a clear option to reject cookies. This option shouldn’t simply lead to the website closing. Avoid having a banner with ‘accept’ in bold and ‘reject’ hidden under a different term like ‘settings’ or ‘more options’, as this isn’t considered to meet the standard of valid consent.

Be transparent to ‘earn points’ and build trust with consumers

Clearly describe the data processing you’re performing. Especially where you’re processing personal data in a way that people might not necessarily expect.

Invisible processing is heavily scrutinised by regulators and should be avoided. It’s better to draw explicit attention to higher-risk processing by mentioning it at the start of your privacy policy or in the user journey.

If processing personal data for analytical purposes or collaborating with social media companies for targeted advertising, it’s essential to clearly disclose that in your privacy policy.

Helpfully, the Information Commissioner’s Office recently launched on its website a toolkit for organisations considering using data analytics, providing useful reference for retailers considering AI to analyse personal data gathered through retailer memberships.

Remember, when making discount price claims to your loyalty scheme members, advertising rules still apply – be sure that the loyalty pricing doesn’t mislead shoppers, that promotions are genuine and that you’re making membership accessible to all.

Linzi Penman is a partner in DLA Piper’s intellectual property and technology practice in Scotland



READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.